A Lightweight Continuous Authentication Protocol for the Internet of Things

Modern societies are moving toward an information-oriented environment. To gather and use information surrounding people's modern lives, tiny devices with all kinds of sensors and gateways of various sizes need to be deployed and connected with each other through the Internet or proxy-based wireless sensor networks (WSNs). In this kind of Internet of Things (IoT) environment, how two communicating devices authenticate each other is a fundamental security issue. Because many IoT devices are powered by batteries and need to transmit sensed data periodically, they need a lightweight authentication protocol to reduce the energy consumed when a device authenticates and transmits data to its targeted peer. In this paper, a lightweight continuous authentication protocol for sensing devices and gateway devices in general IoT environments is introduced. The concept of a valid authentication time period is proposed to enhance the robustness of authentication between IoT devices. To construct the proposed lightweight continuous authentication protocol, a token technique and dynamic features of IoT devices are adopted to reach the design goals: reducing the time consumed by consecutive authentications and saving energy for authenticating devices by reducing the computation complexity during session establishment of continuous authentication. Security analysis is conducted to evaluate the security strength of the proposed protocol. In addition, performance analysis has shown the proposed protocol is a strong competitor among existing protocols for device-to-device authentication in IoT environments.
